<?php
session_start();
include("config.php");
//grab the msg, if it is there
$msg = @$_GET['msg'];

if (isset($_POST['username']) && isset($_POST['password'])) {
	// check if the username and password combination is correct
	if ($_POST['username'] === $IFS_user && $_POST['password'] === $IFS_password) {
		// the username and password match, 
		// set the session
		//set the username, admin.php uses it
		//TODO: have a log that will record when they login.
		$_SESSION['iframeserverAuth'] = true;
		$_SESSION['iframeserverUser'] = $_POST['username'];
		
		// after login we move to the admin page
		header('Location: admin.php');
		exit;
	} else {
		$msg = 3;
	}
}
//logout if statement
if(@$_GET['l'] == "1") {  //l = logout in the url, if it is there it needs to be set to one (1) for the if to work
// if the user is logged in, unset the session
if (isset($_SESSION['iframeserverAuth'])) {
   unset($_SESSION['iframeserverAuth']);
   unset($_SESSION['iframeserverUser']);
   header('Location: index.php?msg=2');
}
}

//general messages switch statement
switch($msg){
case 1:
	$msg = "You must be logged in to view this page!";
	break;
case 2:
	$msg = "You have been successfully logged out.";
	break;
case 3:
	$msg = "Incorrect login. Please check your username and password below.";
	break;
default:
	$msg = "";
	break;
}

?>
<!--Force IE6 into quirks mode with this comment tag-->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>iFrame Administration</title>
<script language="javascript" src="js/prototype.js"></script>
<link rel="stylesheet" href="css/admin.css" type="text/css" />
</head>
<body onload="">
<div id="framecontent">
<div class="innertube">
<h1>iFrame Administration&nbsp;&nbsp;Welcome, please login.</h1>
</div>
</div>

<div id="maincontent">
<div class="innertube">
<?php 
if (!$msg == '') {
echo "<div id=\"msg\">". $msg ."</div>";
}
?>
<fieldset>
<legend>Login</legend>
<form action="" method="post">
<label for="username">Username: </label>
<input type="text" name="username"><br />
<label for="password">Password:</label>
<input type="password" name="password">
<br /><label for="submit"></label>
<input type="submit" value="Login">
</form>
</fieldset>
</div>
</div>
</body>
</html>

